Systems and Data Security Manager at Mod Op overseeing IT security operations and compliance. Managing SOC 2 Type II compliance and cloud security across systems and environments.
About the role
- Security Engineer enhancing security in Java-based enterprise applications at TopQuadrant. Designing and implementing security solutions while maintaining compliance with data protection regulations.
Responsibilities
- Design and implement security solutions for Java-based applications
- Secure applications, microservices, APIs, and databases against vulnerabilities
- Perform static (SAST) and dynamic (DAST) security testing
- Perform quarterly Vulnerability Scans and annual Penetration Test
- Manage application dependencies and vulnerabilities within established SLAs
- Implement and support authentication (OAuth, SAML), authorization (RBAC), and encryption
- Integrate security into the CI/CD pipeline to automate security testing and compliance checks
- Monitor, analyze, and respond to security incidents and security questionnaires
- Manage Drata for security monitoring, compliance automation, and audit readiness
- Ensure compliance with data protection regulations (GDPR, CCPA, HIPAA) and security frameworks (ISO 27001, NIST, SOC 2)
- Collaborate with development teams to enforce secure coding best practices via code reviews
- Work with Spring Security to enforce access controls and secure distributed applications
- Maintain and publish TopQuadrant’s Authorized Software List
- Stay updated on the latest security vulnerabilities affecting Java and Spring ecosystems
Requirements
- Bachelor's degree in Computer Science, Cybersecurity, or a related field
- Strong Java development experience, with proficiency in Spring Boot and Spring Security
- Experience with secure coding practices (OWASP Top 10, CWE, etc.)
- Hands-on experience with security tools such as SonarQube and Snyk
- Knowledge of encryption techniques (AES, RSA), authentication protocols (OAuth, OpenID Connect), and API security
- Experience with cloud security best practices (AWS, Azure, or GCP)
- Certifications such as CISSP, CEH, CSSLP, or AWS Security are a plus
Benefits
- Flexible work arrangements
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
AWS Cloud Security Engineer strengthening cloud security posture at Fluent, Inc. Focused on implementing security controls and maintaining compliance across AWS.
Senior Advisor assisting in property management and building safety at Desjardins. Involves development projects, strategic initiatives, and stakeholder interaction in a hybrid work environment.
Senior IT security advisor helping protect IT hardware, software, and data at Desjardins. Leading initiatives, advising clients, and developing policies for strategic projects.
Business strategy analyst developing plans and business intelligence for Desjardins. Analyzing business needs and solutions for various organizational initiatives with a hybrid work setup.
Security Consultant on TELUS's Cybersecurity Platforms Operations team. Providing hands - on support for critical security services and collaborating with industry - leading vendors.
Senior Cloud Cybersecurity Engineer responsible for cloud security engineering at Tanium. Collaborate to protect cloud infrastructure against threats in Azure, AWS, and Kubernetes.
Managing Consultant in Cybersecurity and NERC Compliance at Guidehouse. Leading client management and project workstreams within the electric utility sector in Canada.
Senior Analyst performing SOC 1 and SOC 2 examinations at Kraken. Leading compliance initiatives and enhancing IT controls in a remote environment.
Security Guard responsible for protecting people and property in Amherst, Nova Scotia. Conducting patrols and monitoring security systems to ensure safety.